Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudo has no access to exported bash function
Top Forums UNIX for Beginners Questions & Answers Sudo has no access to exported bash function Post 303040917 by jcdole on Saturday 9th of November 2019 11:06:45 AM
Old 11-09-2019
Quote:
Originally Posted by gull04
Hi,

You can preserve your current environment if you have been granted sufficient rights to do so with the -E switch or --preserve-env switch.

Regards

Gull04
My test show that does not work for function as Corona688 just said.


Thank you

--- Post updated at 18:06 ---

Quote:
Originally Posted by Corona688
These files are used on login. sudo bash is not a login.

Environment variables are external memory designed to be shared. Functions are part of a shell's internals and are not. For sudo bash to have a function, it will need to source that file.

Code:
#!/bin/bash

. /etc/bash.bashrc.local

 function_1

sudo often blocks environment variables, by the way, to prevent people putting in strange values for EDITOR and the like and executing them with dangerous privileges.

That mean that any script I run which need to be started with sudo needs to contains something like that :
Code:
#
# ~/test_001.sh
#

. /path/to/my_list_of_functions


#
# Code followed

#

But if the same script may be run by normal user, my functions will be sourced twice
One times by the login process via /etc/profile.local
One times by the code added on top of script.
What happens ?



Any comment is welcome.
 

10 More Discussions You Might Find Interesting

1. Linux

sudo access verification

Hi All, I got lots of request with sudo, a manager request, verbal command, do this and do that. The problem with this kind of request is when I added that script and that. It will not be perfect, it's because I can't verify the userid sudo access, I can't reset their password as well, I... (2 Replies)
Discussion started by: itik
2 Replies

2. Shell Programming and Scripting

Scope of exported function

Hi I'm hoping someone can tell me how to extend the scope of an exported function in the korn shell. I have written a function in a file that I dot in from my .kshrc file and it works fine. However I would like this function to be available to anyone in a certain group on the machine... (10 Replies)
Discussion started by: steadyonabix
10 Replies

3. Shell Programming and Scripting

ONLY SU Sudo access

Hello All, I want to create a script that will do ONLY su to any user on the server with hpadmin login using sudo. Can anyone let me know how can it do it. Regards Ankit (1 Reply)
Discussion started by: ajaincv
1 Replies

4. UNIX for Dummies Questions & Answers

sudo/root access

I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'. I tried and got a error message like "not allowed". After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well. Can please somebody explain me this... (0 Replies)
Discussion started by: daWonderer
0 Replies

5. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

6. UNIX for Advanced & Expert Users

Help needed in sudo access

I want to give root access to a user called denielr on server - tsprd01, but do not want to share root password. I have sudoers configured already. He should have all access equal to root. I made this entry in /etc/sudoers, but it is not working denielr tsprd01 =(root) NOPASSWD: ALL I tried to... (2 Replies)
Discussion started by: solaris_1977
2 Replies

7. Red Hat

Sudo access issue

Hi, I have given access to user mwadmin in shudders file as : mwadmin ALL:NOPASSWD:/www/* /usr/* /opt/* However, not able to execute below command: sudo mkdir -p /usr/test password for mwadmin: Sorry, user mwadmin is not allowed to execute '/bin/mkdir -p /usr/test' as root. ... (4 Replies)
Discussion started by: saurau
4 Replies

8. UNIX for Dummies Questions & Answers

Inheriting SUDO access?

I had a question on users inheriting SUDO capabilities of another account. Let's say that there are three users A, B, and C. A has access to Sudo into B. B has access to Sudo into C. Does this give A access to sudo into B and then sudo into C. A -> B B -> C A -> B -> C ? Another example. My... (2 Replies)
Discussion started by: sbcopty
2 Replies

9. Shell Programming and Scripting

Using plink with sudo access

I have similar issue as mentioned in 167174-how-run-script-using-batch-file.html It works good, but the control is not coming back to source i tried adding exit to remote script. Thanks, Suresh (0 Replies)
Discussion started by: snsuresh
0 Replies

10. UNIX for Beginners Questions & Answers

Loading associative array from exported function

Hello. I have an export of an associative array build using declare -p SOME_ARRAY_NAME > SOME_FILE_NAME.txt. Producing some thing like declare -A SOME_ARRAY_NAME=( ="some_text" ="a_text" ......... ="another_text" ) in a text file. I have a stock of functions which are sourced from... (1 Reply)
Discussion started by: jcdole
1 Replies

LEARN ABOUT DEBIAN

molly-guard

MOLLY-GUARD(8)							  [FIXME: manual]						    MOLLY-GUARD(8)

NAME

       molly-guard - guard against accidental shutdowns/reboots

SYNOPSIS

       shutdown [-hV] [--molly-guard-do-nothing] [-- script_options]

       halt [-hV] [--molly-guard-do-nothing] [-- script_options]

       reboot [-hV] [--molly-guard-do-nothing] [-- script_options]

       poweroff [-hV] [--molly-guard-do-nothing] [-- script_options]

DESCRIPTION

       molly-guard attempts to prevent you from accidentally shutting down or rebooting machines. It does this by injecting a couple of checks
       before the existing commands: halt, reboot, shutdown, and poweroff. This happens via scripts with the same names in /usr/sbin, so it only
       works if you have /usr/sbin before /sbin in your PATH!

       Before molly-guard invokes the real command, all scripts in /etc/molly-guard/run.d/ have to run and exit successfully; else, it aborts the
       command.  run-parts(1) is used to process the directory.

       molly-guard passes any script_options to the scripts, and also populates the environment with the following variables:

       o   MOLLYGUARD_CMD - the actual command invoked by the user.

       o   MOLLYGUARD_DO_NOTHING - set to 1 if this is a demo-run.

       o   MOLLYGUARD_SETTINGS - the path to a shell script snippet which scripts can source to obtain settings.

       molly-guard prints the contents of /etc/molly-guard/messages.d/COMMAND or /etc/molly-guard/messages.d/default to the console, if either
       exists. This is due to /etc/molly-guard/run.d/10-print-message.

GUARDING SSH SESSIONS

       molly-guard was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server
       package) is implemented in /etc/molly-guard/run.d/30-query-hostname.

       This script first tests whether the command is being executed from a tty which has been created by sshd. It also checks whether the
       variable SSH_CONNECTION is defined. If any of these tests are successful, test script queries the user for the machine's hostname, which
       should be sufficient to prevent the user from doing something by accident.

       You can pass the --pretend-ssh script option to molly-guard to pretend that those tests succeeds. Alternatively, setting
       ALWAYS_QUERY_HOSTNAME in /etc/molly-guard/rc causes the script to always query.

       The following situations are still UNGUARDED. If you can think of ways to protect against those, please let me know!

       o   running sudo within screen or screen within sudo; sudo eats the SSH_CONNECTION variable, and screen creates a new pty.

       o   executing those command in a remote terminal window, that is a XTerm started on a remote machine but displaying on the local X server.

       You have been warned. You can use the --molly-guard-do-nothing switch to prevent anything from happening, e.g.  halt
       --molly-guard-do-nothing.

OPTIONS

       --molly-guard-do-nothing
	   Cause molly-guard to print the command which would be executed, after processing all scripts, instead of executing it.

       -h, --help
	   Display usage information.

       -V, --version
	   Display version information.

SEE ALSO

       shutdown(8), halt(1), reboot(8), poweroff(8).

LEGALESE

       molly-guard is copyright by martin f. krafft. Andrew Ruthven came up with the idea of using the scripts directory and submitted a patch,
       which I modified a bit.

       This manual page was written by martin f. krafft madduck@madduck.net.

       Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0

COPYRIGHT

       Copyright (C) 2008 martin f. krafft

[FIXME: source] 						   Apr 19, 2008 						    MOLLY-GUARD(8)
All times are GMT -4. The time now is 06:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy